Browsing the "request" Tag

BlackCat CMS 1.3.6 Cross Site Request Forgery ≈ Packet Storm

September 21st, 2020 📆 | 7049 Views ⚑

# Exploit Title: BlackCat CMS 1.3.6 – Cross-Site Request Forgery# Date: 2020-06-01# Exploit Author: Noth# Vendor Homepage: https://github.com/BlackCatDevelopment/BlackCatCMS# Software Link:

Tagged with:




Acronis Cyber Backup 12.5 Build 16341 Server-Side Request Forgery ≈ Packet Storm

September 17th, 2020 📆 | 7599 Views ⚑

RCE Security Advisoryhttps://www.rcesecurity.com 1. ADVISORY INFORMATION=======================Product: Acronis Cyber BackupVendor URL: https://www.acronis.comType: Server-Side Request Forgery CWE-918]Date found: 2020-07-30Date published: 2020-09-14CVSSv3 Score:

Tagged with:




RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Request Forgery ≈ Packet Storm

September 15th, 2020 📆 | 8156 Views ⚑

# Exploit Title: RAD SecFlow-1v SF_0290_2.3.01.26 – Cross-Site Request Forgery (Reboot)# Date: 2020-08-31# Exploit Author: Uriel Yochpaz and Jonatan Schor#

Tagged with:




Hyland OnBase Cross Site Request Forgery ≈ Packet Storm

September 8th, 2020 📆 | 1742 Views ⚑

CVSSv3.1 Score————————————————-AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Vendor————————————————-Hyland Software – (https://www.hyland.com/en/ and https://www.onbase.com/en/) Product————————————————-Hyland OnBaseAll derivatives based on OnBase Versions Affected————————————————-All versions up to and

Tagged with:




Apache2 mod_proxy_uwsgi Incorrect Request Handling ≈ Packet Storm

August 31st, 2020 📆 | 8541 Views ⚑

Apache2: Incorrect handling of large requests in mod_proxy_uwsgi mod_proxy_uwsgi as included in current versions of Apache httpd incorrectly handles largeHTTP

Tagged with:




Ericom Access Server 9.2.0 Server-Side Request Forgery ≈ Packet Storm

August 26th, 2020 📆 | 3544 Views ⚑

+] Credits: John Page (aka hyp3rlinx)+] Website: hyp3rlinx.altervista.org+] Source: http://hyp3rlinx.altervista.org/advisories/ERICOM-ACCESS-SERVER-ACCESS-NOW-BLAZE-9.2.0-SERVER-SIDE-REQUEST-FORGERY.txt+] twitter.com/hyp3rlinx+] ISR: ApparitionSec Vendor]www.ericom.com Product]Ericom Access Server x64 for (AccessNow

Tagged with:




GetSimple CMS Multi User 1.8.2 Cross Site Request Forgery ≈ Packet Storm

August 13th, 2020 📆 | 5508 Views ⚑

# Exploit Title: GetSimple CMS Plugin Multi User v1.8.2 – Cross-Site Request Forgery (Delete Admin/User)# Exploit Author: Bobby Cooke (boku)

Tagged with:




Daily Expenses Management System 1.0 Cross SIte Request Forgery ≈ Packet Storm

August 7th, 2020 📆 | 5113 Views ⚑

# Exploit Title: Daily Expenses Management System 1.0 – Cross-Site Request Forgery# Date: 2020-8-5# Exploit Author: Edo Maland# Vendor Homepage:

Tagged with:




Online Shopping Alphaware 1.0 Cross Site Request Forgery ≈ Packet Storm

August 7th, 2020 📆 | 8596 Views ⚑

# Exploit Title: Online Shopping Alphaware 1.0 – Cross-Site Request Forgery (Account Takeover)# Date: 2020-8-4# Exploit Author: Edo Maland# Vendor

Tagged with: